News, Developments, and Insights

high-tech technology background with eyes on computer display

Amazon Kindle Privacy

Over at Red Tape Chronicles [link no longer available], Bob Sullivan notes that Amazon is keeping data on the passages people highlight in their Kindles:

All e-book readers offer an electronic equivalent of such note-taking. But Kindle users who highlight passages will now have a record of those highlights sent back to Amazon servers, where they will be compiled and sorted to help produce a new feature called “Popular Highlights.”

The results are undeniably intriguing. Anyone can view the most popular passages of all time (currently a section from Malcolm Gladwell’s “Outliers”) or the most highlighted books (Dan Brown’s “Lost Symbol” is first; “The Holy Bible” is second). Meanwhile, Kindle owners who buy e-books can use a nifty option that lets them see which sections were selected by other Kindle readers.

Amazon does not reveal preferences of individual users. Only passages highlighted by three or more users are included.

Still, Larry Ponemon, who runs privacy consulting firm The Ponemon Institute, said some users will bristle at the notion that Amazon can track which passages they highlight while reading.  The feature “definitely steps over the line,” he said.

Why is this feature a problem?  Most of the concerns raised by the article point to problems with’s retention of the data.  But the notes and highlights are being backed up by Amazon, which obviously retains the data.  That’s what its backup service is all about.  There are major privacy risks whenever a third party stores people’s data, but these exist regardless of whether Amazon uses aggregate data in a “Popular Highlights” feature.  For example, Sullivan’s article states:

Even though the data is presented anonymously, a database of reading highlights could be a treasure trove for law enforcement.  Officials would be able to determine the authors of the notes or the users who highlighted a passage by obtaining a court order. The records would also be available to lawyers engaged in civil proceedings, such as divorce cases, Stephens said. For example, the fact that a spouse had highlighted sexual passages in books could become an issue in a contested divorce, he said.

True.  This is a big problem.  But it’s a problem regardless of whether Amazon reveals the aggregated information or not.  It’s a problem generally with any kind of cloud computing or other service where people’s data is backed up or stored with third parties.  This is because of a problem with Fourth Amendment law — the third party doctrine — which unfortunately companies can’t work around.   This is why I’ve urged companies to lobby Congress to pass better laws protecting information in the hands of third parties — because the Fourth Amendment leaves a gaping hole in protection.

So even if Amazon doesn’t use people’s data for its “Popular Highlights” feature, there still are privacy problems with Amazon backing up people’s notes and highlights.

According to Sullivan’s article:

Users can opt out of participating, but only if they disable a feature that automatically backs up notes and highlights. Herdener would not comment on how many users had turned off the notes and highlights backup feature.On a Web site named, devoted to Kindle fanatics, some users complained that they were being forced to pick between participating in popular highlights or losing their notes due to a system crash or lost device.

There are at least two problems here.  First, Amazon’s default is to back up the data, and that puts people’s privacy at great risk given the third party doctrine as well as the fact that many businesses maintaining personal data have had great difficulties maintaining good data security.  Second, making users choose between being able to back up their notes/highlights and having their data used for Amazon’s feature isn’t a fair choice.  Some users may not want their data used for any purpose beyond backing it up.  People should freely participate in Amazon’s “Popular Highlights” feature, not be coerced into doing so.


Originally Posted at Concurring Opinions

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
LinkedIn Influencer blog

TeachPrivacy Ad Privacy Training Security Training 01